Following the recent bot attacks against poorly secured MySQL installations on Windows (not a MySQL vulnerability), MySQL AB has published an article detailing how to best secure a MySQL server running on Microsoft platforms:

• Securing a MySQL Server on Windows

One particularly interesting point is how to run MySQL as an unprivileged user, which should help to lessen the impact of any compromise. MySQL's default tendency to run with administrator rights has often been criticized as a possible security risk.